Controllerless Networks

Contributor II

IAP Portal 802.1x issues%0D%0A

Im using IAP on the latest code. I setup my ssid to use radius for 802.1x auth. On Radius, I have EAP with a self signed cert. On a windows client, I create the wireless network, turn off "validate Cert" until I get a 3rd party one, and connect using WPA2 Enterpise. I get connected fine. Then I convert the SSID to guest, create a authenticated captive portal, point auth to radius and login keeps failing with the below error. What am I missing? 


Contact the Network Policy Server administrator for more information.



                Security ID:                                          redbull\RSmith

                Account Name:                                   rsmith

                Account Domain:                                               redbull


Client Machine:

                Security ID:                                          NULL SID

                Account Name:                                   -

                Fully Qualified Account Name:        -

                OS-Version:                                          -

                Called Station Identifier:                   aca31ec7b99c

                Calling Station Identifier:                  c4b301bb0dc1



                NAS IPv4 Address:                    

                NAS IPv6 Address:                              -

                NAS Identifier:                                     -

                NAS Port-Type:                                    Wireless - IEEE 802.11

                NAS Port:                                              0


RADIUS Client:

                Client Friendly Name:                        Aruba

                Client IP Address:                                      


Authentication Details:

                Connection Request Policy Name: NAP 802.1X (Wireless)

                Network Policy Name:                      Aruba

                Authentication Provider:                  Windows

                Authentication Server:            

                Authentication Type:                         PAP

                EAP Type:                                             -

                Account Session Identifier:                               -

                Logging Results:                                  Accounting information was written to the local log file.

                Reason Code:                                       66

                Reason:                                                 The user attempted to use an authentication method that is not enabled on the matching network policy.



Re: IAP Portal 802.1x issues

You need to enable PAP authentication in NPS/IAS policy for that to work

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Architect @WEI
Contributor II

Re: IAP Portal 802.1x issues

I did enable it. Under authentication in the network policy on NPS. The check box under MSChap section. I also enabled EAP and EAP settings.. 

Also, why is it using PAP. I want EAP only. Could EAP not be working becouse its doesn’t have a trusted Cert so PAP is being used instead?

Guru Elite

Re: IAP Portal 802.1x issues

Pap is the only thing that works with Captive Portal.

Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: